Updated Dumps for Cisco 300-410 Exam

Text Material Preview

300-410
Exam Name: Implementing Cisco Enterprise Advanced
Routing and Services (ENARSI)
Full version: 573 Q&As
Full version of 300-410 Dumps
Share some 300-410 exam dumps below.
1. A network administrator added a new spoke site with dynamic IP on the DMVPN network.
Which configuration command passes traffic on the DMVPN tunnel from the spoke router?
A. ip nhrp registration ignore
B. ip nhrp registration no-registration
 1 / 112
https://www.certqueen.com/300-410.html
C. ip nhrp registration dynamic
D. ip nhrp registration no-unique
Answer: D
2. Refer to the exhibit.
 2 / 112
AS 111 mut not be used as a transit AS, but ISP-1 is getting ISP-2 routes from AS 111.
Which configuration stops Customer AS from being used as a transit path on ISP-1?
A. ip as-path access-list 1 permit ^$
B. ip as-path access-list 1 permit_111_
C. ip as-path access-list 1 permit."
D. ip as-path access-list 1 permit ^111$
Answer: A
3. DRAG DROP
An engineer must establish a connection between two CE routers for two customers with
overlapping IP addresses Customer_a is connected to interfaces Gig0/0, and Customer_b is
connected to interfaces Gig0/1.
Routers CE1 and CE2 are configured as follows:
Drag and drop the code snippets from the right onto the boxes in the configuration to establish
the needed connection. Snippets may be used more than once.
 3 / 112
Answer:
 4 / 112
4. Refer to the exhibit.
 5 / 112
The route to 192 168 200 0 is flapping between R1 and R2.
Which set of configuration changes resolves the flapping route?
 6 / 112
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
5. Refer to the exhibit.
 7 / 112
An engineer configures router A to mark all inside to outside traffic from network 192 168 1 0,
except from host 192 168 1 1. with critical IP precedence. The policy did not work as expected.
Which configuration resolves the issue?
A)
B)
 8 / 112
C)
D)
 9 / 112
A. Option
B. Option
C. Option
D. Option
Answer: A
6. Refer to the exhibit.
Which action resolves the issue?
A. Establish connectivity between the NTP server and the switch.
B. Configure the local time on Cisco DNA Center
C. Configure the local time on the SW1 device
D. Establish connectivity between the NTP server and Cisco DNA Center.
Answer: C
7. Refer to the exhibit.
 10 / 112
An engineer implemented CoPP to limit Telnet traffic to protect the router CPU. It was noticed
that the Telnet traffic did not pass through CoPP.
Which configuration resolves the issue?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
8. Refer to the exhibit.
 11 / 112
Which interface configuration must be configured on the HUB router to enable MVPN with
mGRE mode?
 12 / 112
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
Explanation:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-
conn-dmvpn-15-mt-book/sec-conn-dmvpn-dmvpn.html
9. Refer to the exhibit.
 13 / 112
An engineer configures the router 10.1.100.10 for EIGRP auto summarization so that R1 should
receive the summary route of 10.0.0.0/8. However, R1 receives more specific /24 routes.
Which action resolves this issue?
A. Router R1 should configure ip summary address eigrp (AS number) 10.0.0.0 255.0.0.0 for
the R1 Fast Ethernet 0/0 connected interface.
B. Router R1 should configure ip route 10.0.0.0 255.0.0.0 null 0 for the routes that are received
on R1.
C. Router 10.1.100.10 should configure ip route 10.0.0.0 255.0.0.0 null 0 for the routes that are
summarized toward R1.
D. Router 10.1.100.10 should configure ip summary address eigrp (AS number) 10.0.0.0
255.0.0.0 for the R1 Fast Ethernet 0/0 connected interface.
Answer: D
10. 16.0/20
11. DRAG DROP
Drag and drop the packet types from the left onto the correct descriptions on the right.
Answer:
 14 / 112
Explanation:
Unlike legacy network technologies such as ISDN, Frame Relay, and ATM that defined
separate data and control channels, IP carries all packets within a single pipe. Thus, IP network
devices such as routers and switches must be able to distinguish between data plane, control
plane, and management plane packets to treat each packet appropriately.
From an IP traffic plane perspective, packets may be divided into four distinct, logical groups:
12. Which control plane process allows the MPLS forwarding state to recover when a secondary
RP takes over from a failed primary RP?
A. MP-BGP uses control plane services for label prefix bindings in the MPLS forwarding table
B. LSP uses NSF to recover from disruption *i control plane service
C. FEC uses a control plane service to distribute information between primary and secondary
processors
D. LDP uses SSO to recover from disruption in control plane service
Answer: C
13. How does an MPLS Layer 3 VPN differentiate the IP address space used between each
VPN?
A. by RD
B. by address family
C. by MP-BGP
D. byRT
Answer: A
14. DRAG DROP
Drag and drop the MPLS terms from the left onto the correct definitions on the right.
 15 / 112
Answer:
15. Refer to the exhibit.
 16 / 112
An engineer implemented CoPP but did not see OSPF traffic going through it.
Which configuration resolves the issue?
A. ip access-list extended OSPF permit ospf any any
B. policy-map COPP class OSFP police 8000 conform-action transmit exceed-action transmit
violate-action drop
C. control-plane service-policy input COPP
D. class-map match-all OSFP match access-group name OSPF
Answer: B
16. An engineer is troubleshooting on the console session of a router and turns on multiple
debug commands. The console screen is filled with scrolling debug messages that none of the
commands can be verified if entered correctly or display any output.
Which action allows the engineer to see entered console commands while still continuing the
analysis of the debug messages?
A. Configure the logging synchronous command
B. Configure the no logging console debugging command globally
C. Configure the logging synchronous level all command
D. Configure the term no mon command globally
Answer: A
Explanation:
Let’s see how the “logging synchronous” command affect the typing command:
Without this command, a message may pop up and you may not know what you typed if that
message is too long. When trying to erase (backspace) your command, you realize you are
 17 / 112
erasing the message instead.
With this command enabled, when a message pops up you will be put to a new line with your
typing command which is very
17. Refer to the exhibit.
 18 / 112
The output of the trace route from R5 shows a loop in the network.
 19 / 112
Which configuration prevents this loop?
A)
B)
 20 / 112
C)
 21 / 112
D)
 22 / 112
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
Explanation:
The reason for the loop is that R2 is forwarding the packets destined to 10.1.1.1 to R4, instead
of R1. This is because in the redistribute OSPF statement, BW metric has a higher value and
delay has a value of 1. So, R2 chooses R4 over R1 for 10.1.1.0/24 subnet causing a loop. Now,
R5 learns 10.1.1.0/24 from R3 and advertises the same route to R4, that R4 redistributes back
in EIGRP. If R3 sets a tag of 1 while redistributing EIGRP in OSPF, and R4 denies all the OSPF
routes with tag 1 while redistributing, it will not advertise 10.1.1.0/24 back into EIGRP. Hence,the loop will be broken.
18. Refer to the exhibit.
 23 / 112
 24 / 112
An engineer configures DMVPN and receives the hub location prefix of 10.1.1.0724 on R2 and
R3. The R3 prefix of 10 1.3.0/24 is not received on R2. and the R2 prefix 10.1,2.0/24 is not
received on R3.
Which action reserves the issue?
A. Split horizon prevents the routes from being advertised between spoke routers it should be
disabled with the command no ip split-horizon eigrp 10 on the tunnel interface of R1
B. There is no spoke-to-spoke connection DMVPN configuration should be modified to enable a
tunnel connection between R2 and R3 and neighbor relationship confirmed by use of the show
ip eigrp neighbor command
C. Split horizon prevents the routes from being advertised between spoke routers it should
be disabled with the no ip split-horizon eigrp 10 command on the Gi0/0 interface of R1.
D. There is no spoke-to-spoke connection DMVPN configuration should be modified with a
manual neighbor relationship configured between R2 and R3 and confirmed bb use of the show
ip eigrp neighbor command.
Answer: A
Explanation:
In this topology, the Hub router will receive advertisements from R2 Spoke router on its tunnel
interface. The problem here is that it also has a connection with R3 Spoke on that same tunnel
interface. If we don’t disable split-horizon, then the Hub will not relay routes from R2 to R3 and
the other way around. That is because it received those routes on the same interface tunnel and
therefore it cannot advertise back out that same interface (split-horizon rule). Therefore we must
disable splithorizon on the Hub router to make sure the Spokes know about each other.
19. Refer to the exhibit.
 25 / 112
An engineer noticed that the router log messages do not have any information about when the
event occurred.
Which action should the engineer take when enabling service time stamps to improve the
logging functionality at a granular level?
A. Configure the debug uptime option
B. Configure the msec option
C. Configure the timezone option
D. Configure the tog uptime option
Answer: D
20. Refer to the exhibit.
 26 / 112
A customer reports that networks in the 10.0.1.0/24 space do not appear in the RIP database.
What action resolves the issue?
A. Remove summarization of 10.0.0.078.
B. Permit 10.0.1.0/24 address in the ACL.
C. Remove ACL on R1 blocking 10.0.1.0/24 network.
D. Configure 10.0.1.0/24 network under RIP.
Answer: A
21. Refer to the exhibit.
A network is under a cyberattack. A network engineer connected to R1 by SSH and enabled the
terminal monitor via SSH session to find the source and destination of the attack. The session
was flooded with messages, which made it impossible for the engineer to troubleshoot the
issue.
Which command resolves this issue on R1?
 27 / 112
A. no terminal monitor
B. (config)#terminal no monitor
C. #terminal no monitor
D. (config)#no terminal monitor
Answer: C
Explanation:
To turn off terminal monitor, use “terminal no monitor” in the enable mode
22. Refer to the exhibit.
 28 / 112
SanFrancisco and Boston routers are choosing slower links to reach each other despite the
direct links being up.
Which configuration fixes the issue?
 29 / 112
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
23. Refer to the exhibit.
During ISP router maintenance, the network produced many alerts because of the flapping
interface.
Which configuration on R1 resolves the issue?
A. no snmp trap link-status
B. snmp trap link-status down
C. snmp trap ip verify drop-rate
D. ip verify drop-rate notify hold-down 60
Answer: D
24. Refer to the exhibit.
 30 / 112
An engineer is trying to configure local authentication on the console line, but the device is
trying to authenticate using TACACS+.
Which action produces the desired configuration?
A. Add the aaa authentication login default none command to the global configuration.
B. Replace the capital “C” with a lowercase “c” in the aaa authentication login Console local
command.
C. Add the aaa authentication login default group tacacs+ local-case command to the global
configuration.
D. Add the login authentication Console command to the line configuration
Answer: D
Explanation:
Reference: https://community.cisco.com/t5/switching/how-to-define-login-local-for-console-0/td-
p/2949493
25. Refer to the exhibit.
 31 / 112
An engineer is troubleshooting a prefix advertisement issue from R3, which is not directly
connected to R1.
Which configuration resolves the issue?
A)
B)
C)
D)
A. Option A
B. Option B
C. Option C
 32 / 112
D. Option D
Answer: A
26. An engineer creates a Cisco DNA Center cluster with three nodes, but all the services are
running on one host node.
Which action resolves this issue?
A. Restore the link on the switch interface that is connected to a cluster link on the Cisco DNA
Center
B. Click the master host node with all the services and select services to be moved to other
hosts
C. Enable service distribution from the Systems 360 page.
D. Click system updates, and upgrade to the latest version of Cisco DNA Center.
Answer: C
Explanation:
To deploy Cisco DNA Center on a three-node cluster with High Availability (HA) enabled,
complete the following procedure:
Step 1: Configure Cisco DNA Center on the first node in your cluster…
Step 2: Configure Cisco DNA Center on the second node in your cluster…
Step 3: Configure Cisco DNA Center on the third node in your cluster…
Step 4: Enable high availability on your cluster:
a. In the Cisco DNA Center GUI, click and choose System Settings. The System 360 tab is
displayed by default.
b. In the Hosts area, click Enable Service Distribution.
After you click Enable Service Distribution, Cisco DNA Center enters into maintenance mode. In
this mode, Cisco DNA Center is unavailable until the redistribution of services is completed. You
should take this into account when scheduling an HA deployment.
Reference: https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automa
tionand-management/dna-
center/1-3-3-0/ha_guide/b_cisco_dna_center_ha_guide_1_3_3_0.html
Therefore we can choose “Enable Service Distribution” to distribute services to other host
nodes.
27. A DMVPN single hub topology is using IPsec + mGRE with OSPF.
What should be configured on the hub to ensure it will be the designated router?
A. tunnel interface of the hub with ip nhrp ospf dr
B. OSPF priority to 0
 33 / 112
C. route map to set the metrics of learned routes to 110
D. OSPF priority greater than 1
Answer: D
Explanation:
By default, the priority is 1 on all routers so we can set the OSPF priority of the hub to a value
which is greater than 1 to make sure it would become the DR.
28. After some changes in the routing policy, it is noticed that the router in AS 45123 is being
used as a transit AS router for several service provides.
Which configuration ensures that the branch router in AS 45123 advertises only the local
networks to all SP neighbors?
A)
B)
C)
D)
 34 / 112
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
Explanation:
By default BGP advertises all prefixes to external BGP neighbors. This means that if you are
multi-homed (connected to two or more ISPs) then you might become a transit AS. For
example, ISP 2 in AS 200 can send traffic to your router in AS 100 to reach ISP 3 in AS 300
because you advertised prefixes in ISP 3 to ISP 2.
This is what will be seen in the BGP routing table of ISP1:
29. Refer to the exhibit.
 35 / 112
 36 / 112
A network administrator is troubleshootingIPv6 address assignment for a DHCP client that is
not getting an IPv6 address from the server.
Which configuration retrieves the client IPv6 address from the DHCP server?
A. ipv6 address autoconfig command on the interface
B. ipv6 dhcp server automatic command on DHCP server
C. ipv6 dhcp relay-agent command on the interface
D. service dhcp command on DHCP server
Answer: A
30. Which configuration feature should be used to block rogue router advertisements instead of
using the IPv6 Router Advertisement Guard feature?
A. VACL blocking broadcast frames from nonauthorized hosts
B. PVLANs with promiscuous ports associated to route advertisements and isolated ports for
nodes
C. PVLANs with community ports associated to route advertisements and isolated ports for
nodes
D. IPv4 ACL blocking route advertisements from nonauthorized hosts
Answer: B
Explanation:
The IPv6 Router Advertisement Guard feature provides support for allowing the network
administrator to block or reject unwanted or rogue router advertisement guard messages that
arrive at the network device platform. Router Advertisements are used by devices to announce
themselves on the link. The IPv6 Router Advertisement Guard feature analyzes these router
advertisements and filters out router advertisements that are sent by unauthorized devices.
Certain switch platforms can already implement some level of rogue RA filtering by the
administrator configuring Access Control Lists (ACLs) that block RA ICMP messages that might
be inbound on “user” ports.
Reference: https://datatracker.ietf.org/doc/html/rfc6104
31. Refer to the exhibit.
 37 / 112
A)
B)
C)
 38 / 112
D)
A. Option
B. Option
C. Option
D. Option
Answer: A
32. The network administrator configured CoPP so that all HTTP and HTTPS traffic from the
administrator device located at 172.16 1.99 toward the router CPU is limited to 500 kbps.
Any traffic that exceeds this limit must be dropped.
access-list 100 permit ip host 172.16.1.99 any
!
class-map CM-ADMIN
match access-group 100
!
policy-map PM-COPP
class CM-ADMIN
police 500000 conform-action transmit
!
interface E0/0
service-policy input PM-COPP
CoPP failed to capture the desired traffic and the CPU load is getting higher.
Which two configurations resolve the issue? (Choose two.)
A. interface E0/0
no service-policy input PM-COPP
!
 39 / 112
control-plane
service-policy input PM-COPP
B. policy-map PM-COPP
class CM-ADMIN
no police 500000 conform-action transmit
police 500 conform-action transmit
!
control-plane
service-policy input PM-COPP
C. no access-list 100
access-list 100 permit tcp host 172.16.1.99 any eq 80
D. no access-list 100
access-list 100 permit tcp host 172.16.1.99 any eq 80
access-list 100 permit tcp host 172.16.1.99 any eq 443
E. policy-map PM-COPP
class CM-ADMIN
no police 500000 conform-action transmit
police 500 conform-action transmit
Answer: A
33. A customer requested a GRE tunnel through the provider network between two customer
sites using loopback to hide internal networks.
Which configuration on R2 establishes the tunnel with R1?
A. R2(config)# interface Tunnel 1
R2(config-if)# ip address 172.20.1.2 255.255.255.0
R2(config-if)# ip mtu 1400
R2(config-if)# ip tcp adjust-mss 1360
R2(config-if)# tunnel source 192.168.20.1
R2(config-if)# tunnel destination 192.168.10.1
B. R2(config)# interface Tunnel 1
R2(config-if)# ip address 172.20.1.2 255.255.255.0
R2(config-if)# ip mtu 1400
R2(config-if)# ip tcp adjust-mss 1360
R2(config-if)# tunnel source 10.10.2.2
R2(config-if)# tunnel destination 10.10.1.1
C. R2(config)# interface Tunnel 1
 40 / 112
R2(config-if)# ip address 172.20.1.2 255.255.255.0
R2(config-if)# ip mtu 1500
R2(config-if)# ip tcp adjust-mss 1360
R2(config-if)# tunnel source 192.168.20.1
R2(config-if)# tunnel destination 10.10.1.1
D. R2(config)# interface Tunnel 1
R2(config-if)# ip address 172.20.1.2 255.255.255.0
R2(config-if)# ip mtu 1500
R2(config-if)# ip tcp adjust-mss 1360
R2(config-if)# tunnel source 10.10.2.2
R2(config-if)# tunnel destination 10.10.1.1
Answer: D
34. Refer to the exhibit.
Users in VLAN46 cannot get the IP from the DHCP server. Assume that all the parameters are
configured properly in VLAN 10 and on the DHCP server.
Which command on interlace VLAN46 allows users to receive IP from the DHCP server?
A. ip dhcp-addreos 10.221.10.10
B. ip dhcp server 10.221.10.10
C. ip helper-addrets 10.221.10.10
D. ip dhcp relay information trust-all
Answer: C
35. Refer to the exhibit.
 41 / 112
An administrator must harden a router, but the administrator failed to test the SSH access
successfully to the router.
Which action resolves the issue?
A. Configure SSH on the remote device to log m using SSH
B. SSH syntax must be ssh -I user ip to log in to the remote device
C. Configure enable secret to log in to the device
D. SSH must be allowed with the transport output ssh command
Answer: B
36. Refer to the exhibit.
 42 / 112
The Customer Edge rouler wants to use AS 100 as the preferred ISP for all external routes and
ISP-2 as a backup.
 43 / 112
After this configuration, all the backup routes have disappeared from the BGP table on the
Customer Edge router.
Which set of configurations resolves the issue on the Customer Edge router?
A)
B)
C)
 44 / 112
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
37. Refer to the exhibit.
 45 / 112
An engineer has successfully set up a floating static route from the BRANCH router to the HQ
network using HQ_R1 as the primary default gateway When the g0/0 goes down on HQ_R1,
the branch network cannot reach the HQ network 192.168.20.0/24.
Which set of configurations resolves the issue?
A. HQ_R3(config)# ip sla responder
HQ_R3(config)# ip sla responder icmp-echo 172.16.35.1
B. BRANCH(config)# ip sla 1
 46 / 112
BRANCH(config-ip-sla)# icmp-echo 192.168.100.2
C. HQ R3(config)# Ip sla responder
HQ R3(config)# Ip sla responder Icmp-echo 172.16.35.5
D. BRANCH(config)# Ip sla 1
BRANCH(config-ip-sta)# Icmp-echo 192.168.100.1
Answer: D
38. Which router attaches the VPN label to incoming packets from CE routing?
A. CE router
B. core router
C. P router
D. PE router
Answer: D
39. Refer to the exhibit.
A network administrator must block ping from user 3 to the App Server only. An inbound
 47 / 112
standard access list is applied to R1 interface G0/0 to block ping. The network administrator
was notified that user 3 cannot even ping user 9 anymore.
Where must the access list be applied in the outgoing direction to resolve the issue?
A. R2 interface G1/0
B. R2 interface G0/0
C. SW1 interface G1/10
D. SW1 interface G2/21
Answer: D
40. An engineer needs dynamic routing between two routers and is unable to establish OSPF
adjacency.
The output of the show ip ospf neighbor command shows that the neighbor state is
EXSTART/EXCHANGE.
Which action should be taken to resolve this issue?
A. match the passwords
B. match the hello timers
C. match the MTUs
D. match the network types
Answer: C
Explanation:
41. 4.0/24
42. Refer to the exhibit.
The R1 and R2 configurations are:
 48 / 112
The neighbor is not coming up.
Which two sets of configurations bring the neighbors up? (Choose two.)
A. R2
ip route 10.1.1.1 255.255.255.255 192.168.1.1
!
router bgp 200
neighbor 10.1.1.1 tti-security hops 1
neighbor 10.1.1.1 update-source loopback 0
B. R2
ip route 10.1.1.1 255.255.255.255 192.168.1.1
!
router bgp 200
neighbor 10.1.1.1 disable-connected-check
neighbor 10.1.1.1 update-source loopback 0
C. R2
ip route 10.1.1.2 255.255.255.255 192.168.1.2
!
router bgp 100
neighbor 10.1.1.2 ttl-securityhops 1
neighbor 10.1.1.2 update-source loopback 0
D. R1
ip route 10.1.1.2 255.255.255.255 192.168.1.2
!
router bgp 100
neighbor 10.1.1.1 ttl-security hops 1
neighbor 10.1.1.2 update-source loopback 0
E. R1
ip route 10.1.1.2 255.255.255.255 192.168.1.2
!
 49 / 112
router bgp 100
neighbor 10.1.1.2 disable-connected-check
neighbor 10.1.1.2 update-source Loopback0
Answer: BE
Explanation:
Disable-connected-check enables a directly connected eBGP neighbor to peer using a loopback
address without adjusting the default TTL of 1. In disable connected check the router does not
decrease the TTL of an IP packet that is destined to itself so it only counts or considers as one
hop between the two loopbacks of the routers.
43. Refer to the exhibit.
 50 / 112
 51 / 112
The remote server is failing to receive the NetFlow data.
Which action resolves the issue?
A. Modify the flow transport command transport udp 2055 to move under flow monitor profile.
B. Modify the interlace command to Ip flow monitor FLOW-MONITOR-1 Input.
C. Modify the udp port under flow exporter profile to Ip transport udp 4739.
D. Modify the flow record command record v4_r1 to move under flow exporter profile.
Answer: B
Explanation:
From the exhibit we see there are two flow monitors: the first one “FLOW-MONITOR-1” has
been configured correctly but the second one “v4_r1” was left empty andinterface E0/0.1 is
using it. So the remote server does not receive any NetFlow data.
44. Refer to the exhibit.
An engineer configured NetFlow on R1, but the NMS server cannot see the flow from R1.
Which configuration resolves the issue?
A. flow monitor Flowmonitor1
destination 10.221.10.11
B. flow exporter FlowAnalyzer1
destination 10.221.10.11
C. interface Ethernet0/1
flow-destination 10.221.10.11
 52 / 112
D. interface Ethernet0/0
flow-destination 10.221.10.11
Answer: B
Explanation:
From the output we notice that the destination IP address is not correct. The NMS server IP
address should be 10.221.10.11, not 10.221.10.10. Therefore we have to change this
information under “flow exporter …” configuration.
NetFlow configuration reference: https://www.cisco.com/c/en/us/td/docs/iosxml/ios/fnetflow/confi
guration/15-mt/fnf-15-mt-book/cfg-de-fnflow-exprts.html
45. Refer to the exhibit.
An engineer configured user login based on authentication database on the router, but no one
can log into the router.
Which configuration resolves the issue?
A. aaa authentication login default enable
B. aaa authorization network default local
C. aaa authentication login default local
D. aaa authorization exec default local
Answer: C
 53 / 112
46. What is an advantage of using BFD?
A. It detects local link failure at layer 1 and updates routing table.
B. It detects local link failure at layer 2 and updates routing protocols.
C. It has sub-second failure detection for layer 1 and layer 3 problems.
D. It has sub-second failure detection for layer 1 and layer 2 problems.
Answer: D
47. Refer to the exhibit.
 54 / 112
An engineer is monitoring reachability of the configured default routes to ISP1 and ISP2. The
default route from ISP1 is preferred if available.
How is this issue resolved?
A. Use the icmp-echo command to track both default routes
B. Use the same AD for both default routes
C. Start IP SLA by matching numbers for track and ip sla commands
D. Start IP SLA by defining frequency and scheduling it
Answer: D
Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/ip/ip-routing/200785-ISP-Failover-with-
default-routes-using-I.html
In the above configuration we have not had activated our IP SLA operation.
We can start it with this command:
R1(config)#ip sla schedule 100 life forever start-time now
Also we should specific the rate of ICMP echo:
R1(config-ip-sla-echo)#frequency 5 // Send ICMP echo every 5 seconds
48. Refer to the exhibit.
When monitoring an IPv6 access list, an engineer notices that the ACL does not have any hits
and is causing unnecessary traffic to pass through the interface.
Which command must be configured to resolve the issue?
A. access-class INTERNET in
B. ipv6 traffic-filter INTERNET in
C. ipv6 access-class INTERNET in
D. ip access-group INTERNET in
Answer: C
49. Refer to the exhibit.
 55 / 112
Gateway-Router# show ipv6 access-list
IPv6 access list Default_Access
permit tcp host 2018:DB1: A: B::1 host 2018:DB1:A:C::1 eq www sequence 10
deny tcp any host 2018:DB1: A:C::1 eq telnet sequence 20
permit tcp host 2018:DB1: A: B::2 host 2018:DB1:A:C::1 eq telnet sequence 30
permit ipv6 2018:DB1: A: B::/64 any sequence 40
PC-2 failed to establish a Telnet connection to the terminal server.
Which configuration resolves the issue?
A. Gateway-Router(config)#ipv6 access-list Default Access
Gateway-Router(config-ipv6-acl)#sequence 15 permit tcp host 2018:DB1:A:B::2 host
2018:DB1:A:C. :1 eq telnet
B. Gateway-Router(config)#ipv6 access-list Default Access
Gateway-Router(config-ipv6-acl)#permit tcp host 2018:DB1:A:B::2 host 2018:DB1:A:C::1 eq
telnet
C. Gateway-Router(config)#ipv6 access-list Default Access
Gateway-Router(config-ipv6-acl)#no sequence 20
Gateway-Router(config-ipv6-acl)#sequence 5 permit tcp host 2018:DB1:A:B::2 host
2018:DB1:A:C::1 eq telnet
D. Gateway-Router(config)#fipv6 access-list Default Access
Gateway-Router(confia-ipv6-acl)#sequence 25 permit tcp host 2018:DB1:A:B:2 host
2018:DB1:A:C. :1 eq telnet
 56 / 112
Answer: A
Explanation:
In fact in this question both answer A and answer C are correct but we believe answer A is the
better choice as it only allows PC-2 to telnet to terminal server. All other hosts are refused to
telnet to terminal server via sequence 20.
50. Which two protocols are used by a P router to transfer VPN traffic between PE routers in an
MPLS network? (Choose two.)
A. BGP
B. OSPF
C. MP-BGP
D. LDP
E. RSVP
Answer: CD
51. Refer to the exhibit.
 57 / 112
 58 / 112
R2 has two paths to reach 192.168.13.0/24. but traffic is sent only through R3.
Which action allows traffic to use both paths?
A. Configure the bandwidth 2000 command under interface FastEthernet0/0 on R2.
B. Configure the variance 4 command under the EIGRP process on R2.
C. Configure the delay 1 command under interface FastEthernet0/0 on R2.
D. Configure the variance 2 command under the EIGRP process on R2
Answer: B
Explanation:
From the output of the “show ip eigrp topology …” command, we notice network
192.168.13.0/24 was learned via two routes:
+ From 192.168.23.3 (R3) with FD = 1075200 and AD = 281600
+ From 192.168.12.1 (R1) with FD = 2611200 and AD = 281600
From the output of the “show ip route …” command, we learned that the best (and chosen) path
is via 192.168.23.3 (R3).
To use both paths (called unequal cost load balancing) with EIGRP, the second path via R1
must satisfy the feasibility condition. The feasibility condition states that, the Advertised
Distance (AD) of a route must be lower than the feasible distance of the current successor
route.
In this case, the second path satisfies the feasible condition as its AD (281600) is smaller than
the FD (1075200) of the best path. Therefore we can configure loadbalancing with “variance”
command.
In other words, EIGRP will install all paths with metric < variance * best_metric into the local
routing table, provided that it meets the feasibility condition to preventrouting loop. Therefore we
can calculate the variance > metric / best_metric = 2611200 / 1075200 =2.4.
So with a variance greater than 2 (and must be an integer), we can load balance traffic to
network 192.168.13.0/24.
52. R1 and R2 are configured as eBGP neighbor , R1 is in AS100 and R2 is in AS200.
R2 is advertisingthese networks to R1:
53. Refer to the exhibit.
 59 / 112
A user has set up an IP SLA probe to test if a non-SLA host web server on IP address 10.1.1.1
accepts HTTP sessions prior to deployment. The probe is failing.
Which action should the network administrator recommend for the probe to succeed?
A. Re-issue the ip sla schedule command.
B. Add icmp-echo command for the host.
C. Add the control disable option to the tcp connect.
D. Modify the ip sla schedule frequency to forever.
Answer: C
54. Refer to the exhibit.
 60 / 112
The network engineer configured the summarization of the RIP routes into the OSPF domain on
R5 but
still sees four different 172.16.0.0/24 networks on R4.
Which action resolves the issue?
A. R5(config)#router ospf 1
R5(config-router)#no area
R5(config-router)#summary-address 172.16.0.0 255.255.252.0
B. R4(config)#router ospf 99
R4(config-router)#network 172.16.0.0 0.255.255.255 area 56
R4(config-router)#area 56 range 172.16.0.0 255,255.255.0
C. R4(config)#router ospf 1
 61 / 112
R4(config-router)#no area
R4(config-router)#summary-address 172.16.0.0 255.255.252.0
D. R5(config)#router ospf 99
R5(config-router)#network 172.16.0.0 0.255.255.255 area 56
R5(config-router)#area 56 range 172.16.0.0 255.255.255.0
Answer: A
Explanation:
Explanation
Area 36 is a NSSA so R5 is an ASBR so we can summarize external routes using the
“summaryaddress”
command. The command “area area-id range” can only be used on ABR so it is not correct.
The summarization must be done on the ASBR which is R5, not R4 so the correct answer must
be started with “R5(config)#router ospf 1”.
Note: The “no area” command is used to remove any existing “area …” command (maybe
“area 56 range …” command).
55. What is a function of the IPv6 DHCP Guard feature for DHCP messages?
A. Only access lists are supported for matching traffic.
B. All client messages are always switched regardless of the device role.
C. It blocks only DHCP request messages.
D. If the device is configured as a DHCP server, no message is switched.
Answer: B
56. Refer to the exhibit.
 62 / 112
In which circumstance does the BGP neighbor remain in the idle condition?
A. if prefixes are not received from the BGP peer
B. if prefixes reach the maximum limit
C. if a prefix list is applied on the inbound direction
D. if prefixes exceed the maximum limit
Answer: D
Explanation:
https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/25160-bgp-
maximum-prefix.html#b
57. An engineer configured VRF-Lite on a router for VRF blue and VRF red. OSPF must be
enabled on each VRF to peer to a directly connected router in each VRF.
Which configuration forms OSPF neighbors over the network 10.10.10.0/28 for VRF blue and
192.168.0.0/30 for VRF red?
 63 / 112
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
58. Refer to the exhibit.
 64 / 112
The Math and Science departments connect through the corporate. IT router but users in the
Math department must not be able to reach the Science department and vice versa.
Which configuration accomplishes this task?
A. vrf definition Science
?
interface E 0/2
ip address 192.168.1.1 255.255.255.0
no shut
?
interface E 0/3
ip address 192.168.2.1 255.255.255.0
no shut
B. vrf definition Science
address-family ipv4
!
interface E 0/2
ip address 192.168.1.1 255.255.255.0
 65 / 112
vrf forwarding Science
no shut
!
interface E 0/3
ip address 192.168.2.1 255.255.255.0
vrf forwarding Science
no shut
C. vrf definition Science
address-family ipv4
!
interface E 0/2
ip address 192.168.1.1 255.255.255.0
no shut
!
interface E 0/3
ip address 192.168.2.1 255.255.255.0
no shut
D. vrf definition Science
address-family ipv4
!
interface E 0/2
vrf forwarding Science
ip address 192.168.1.1 255.255.255.0
no shut
!
interface E 0/3
vrf forwarding Science
ip address 192.168.2.1
Answer: D
59. The network administrator configured the router for Control Plane Policing to limit OSPF
traffic to be policed to 1 Mbps. Any traffic that exceeds this limit must also be allowed at this
point for traffic analysis.
The router configuration is:
access-list 100 permit ospf any any
!
 66 / 112
class-map CM-OSPF
match access-group 100
!
policy-map PM-COPP
class CM-OSPF
police 1000000 conform-action transmit
!
control-plane
service-policy output PM-COPP
The Control Plane Policing failed to monitor and police OSPF traffic.
Which configuration resolves this issue?
A. no access-list 100
access-list 100 permit tcp any any eq 179
access-list 100 permit ospf any any
access-list 101 permit tcp any any range 22 23
!
!
class-map CM-MGMT
no match access-group 100
match access-group 101
!
control-plane
no service-policy output PM-COPP
service-policy input PM-COPP
B. No access-list 100
access-list 100 permit tcp any any eq 179
access-list 100 permit tcp any any range eq 22
access-list 100 permit tcp any any range eq 23
access-list 100 permit ospf any any
C. control-plane
no service-policy output PM-COPP
service-policy input PM-COPP
D. no access-list 100
access-list 100 deny ospf any any
access-list 100 permit ip any any
!
 67 / 112
policy-map PM-COPP
class CM-OSPF
no police 1000000 conform-action transmit
police 1000000 conform-action transmit
exceed-action drop
!
control-plane
no service-policy output PM-COPP
service-policy input PM-COPP
Answer: A
60. Refer to the exhibit.
 68 / 112
A network engineer applied a filter for LSA traffic on OSPFv3 interarea routes on the area 5
ABR to protect advertising the internal routes of area 5 to the business partner network. All
other areas should receive the area 5 internal routes. After the respective route filtering
configuration is applied on the ABR, area 5 routes are not visible on any of the areas.
How must the filter list be applied on the ABR to resolve this issue?
A. in the “in” direction for area 5 on router R1
B. in the “out” direction for area 5 on router R1
 69 / 112
C. in the “in” direction for area 20 on router R2
D. in the “out” direction for area 20 on router R2
Answer: D
61. An engineer configured a Cisco router to send reliable and encrypted notifications for any
events to the management server. It was noticed that the notification messages are reliable but
not encrypted.
Which action resolves the issue?
A. Configure all devices for SNMPv3 informs with priv.
B. Configure all devices for SNMPv3 informs with auth.
C. Configure all devices for SNMPv3 traps with auth.
D. Configure all devices for SNMPv3 traps with priv.
Answer: A
Explanation:
SNMP notifications can be sent as traps or inform requests. Traps are unreliable because the
receiver does not send acknowledgments when this device receives traps.”Send reliable and
encrypted notifications for any events” so it is SNMP notifications. For encryption we need to
configure “priv”.
62. A network administrator is troubleshooting a high utilization issue on the route processor of
a router that was reported by NMS The administrator logged into the router to check the control
plane policing and observed that the BGP process is dropping a high number of routing packets
and causing thousands of routes to recalculate frequently.
Which solution resolves this issue?
A. Police the cir for BGP, conform-action transmit, and exceed action transmit.
B. Shape the pir for BGP, conform-action set-prec-transmit, and exceed action set-frde-transmit.
C. Shape the cir for BGP. conform-action transmit, and exceed action transmit.
D. Police the pir for BGP, conform-action set-prec-transmit, and exceed action set-clp-transmit.
Answer: D
Explanation:
CIR (Committed InformationRate) is the minimum guaranteed traffic delivered in the network.
PIR (Peak Information Rate) is the top bandwidth point of allowed traffic in a non busy times
without any guarantee.
 70 / 112
+ Policing: is used to control the rate of traffic flowing across an interface. During a bandwidth
exceed (crossed the maximum configured rate), the excess traffic is generally dropped or
remarked. The result of traffic policing is an output rate that appears as a saw-tooth with crests
and troughs. Traffic policing can be applied to inbound and outbound interfaces. Unlike traffic
shaping, QoS policing avoids delays due to queuing. Policing is configured in bytes.
+ Shaping: retains excess packets in a queue and then schedules the excess for later
transmission over increments of time. When traffic reaches the maximum configured rate,
additional packets are queued instead of being dropped to proceed later. Traffic shaping is
applicable only on outbound interfaces as buffering and queuing happens only on outbound
interfaces. Shaping is configured in bits per second.
 71 / 112
Therefore in this case we can only policing, not shaping as traffic shaping is applicable only on
outbound interfaces as buffering and queuing happens only on outbound interfaces. Moreover,
BGP traffic is not important so we can drop the excess packets without any problems.
And we only policing the PIR traffic so that the route processor is not overwhelmed by BGP
calculation.
Note: The “set-prec-transmit” is the same as “transmit” command except it sets the IP
Precedence level as well. The “set-clp-transmit” sets the ATM Cell Loss Priority (CLP) bit from
0 to 1 on the ATM cell and transmits the packet.
63. Refer to the exhibit.
 72 / 112
Refer to the exhibit. an engineer is trying to get 192.168.32.100 forwarded through 10.1.1.1, but
it was forwarded through 10.1.1.2.
What action forwards the packets through 10.1.1.1?
A. Configure EIGRP to receive 192.168.32.0 route with lower admin distance.
B. Configure EIGRP to receive 192.168.32.0 route with longer prefix than /19.
C. Configure EIGRP to receive 192.168.32.0 route with lower metric.
D. Configure EIGRP to receive 192.168.32.0 route with equal or longer prefix than /24.
Answer: D
64. Refer to the exhibit.
An engineer configured SNMP communities on the Core_SW1, but the SNMP server cannot
obtain information from Core_SW1.
Which configuration resolves this issue?
A. snmp-server group NETVIEW v2c priv read NETVIEW access 20
B. access-list 20 permit 10.221.10.11
C. access-list 20 permit 10.221.10.12
D. snmp-server group NETADMIN v3 priv read NETVIEW write NETADMIN access 22
Answer: B
65. Refer to the exhibit.
 73 / 112
An engineer must block access to the console ports for all corporate remote Cisco devices
based on the recent corporate security policy but the security team stilt can connect through the
console port.
Which configuration on the console port resolves the issue?
A. transport input telnet
B. login and password
C. no exec
D. exec 0.0
Answer: C
Explanation:
“no exec” will disable access to a line. It is used if we want to allow only outgoing session (and
disable incoming session) so this command will block all console port access.
There is no “exec 0 0” command. We can only find the “exec prompt” command in IOS
Version 15.4(2)T4.
 74 / 112
The most similar command is “exec-timeout 0 0” command, which is used to prevent
Telnet/SSH sessions from timing out.
66. A company Is redesigning WAN infrastructure so that all branch sites must communicate via
the head office and the head office can directly communicate with each site independently. The
network engineer must configure the head office router by considering zero-touch technology
when adding new sites in the same WAN infrastructure.
Which configuration must be applied to the head office router to meet this requirement?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
67. Refer to the exhibit.
 75 / 112
An engineer must configure a per VRF for TACACS+ for company A.
Which configuration on RTG-1 accomplishes the task?
 76 / 112
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
 77 / 112
68. Network engineer must configure an ElGRP stub router at a site that advertises only
connected and summary routes.
Which configuration performs this task?
A)
B)
C)
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
Explanation:
In EIGRP (Enhanced Interior Gateway Routing Protocol), a stub router is one that is connected
to one or more neighbors and should not be a transit router1. The EIGRP stub routing feature
improves network stability, reduces resource utilization, and simplifies the stub router’s
configuration1.
The network engineer wants to configure an EIGRP stub router that advertises only connected
and summary routes.
This can be achieved with the configuration provided in Option B:
 78 / 112
router eigrp 100
eigrp stub summary
This configuration ensures that the EIGRP stub router advertises only connected and summary
routes12. The summary keyword after the eigrp stub command indicates that the router should
advertise only auto-summarized or statically configured summary routes12.
Reference: EIGRP STUB and Configuration - Cisco Community
EIGRP Stub And Summary Routes Explained - Networkel
69. Refer to the exhibit.
After reloading the router an administrator discovered that the interface utilization graphs
displayed inconsistencies with their previous history in the NMS.
Which action prevents this issue from occurring after another router reload in the future?
A. Rediscover all the router interfaces through SNMP after the router is reloaded
B. Save the router configuration to startup-config before reloading the router
C. Configure SNMP to use static OlDs referring to individual router interfaces
D. Configure SNMP interface index persistence on the router
Answer: D
70. Refer to the exhibit.
 79 / 112
R1 and R2 cannot establish an EIGRP adjacency.
Which action establishes EIGRP adjacency?
A. Remove the current autonomous system number on one of the routers and change to a
different value.
B. Remove the passive-interface command from the R2 configuration so that it matches the R1
configuration.
C. Add the no auto-summary command to the R2 configuration so that it matches the R1
configuration.
D. Add the passive-interface command to the R1 configuration so that it matches the R2
configuration.
Answer: B
 80 / 112
71. Topic 3, Exam Pool C
Refer to the exhibit.
A network administrator is trying to access a branch router using TACACS+ username and
password credentials, but the administrator cannot log in to the router because the WAN
connectivity is down.
The branch router has following AAA configuration:
aaa new-model
aaa authorization commands 15 default group tacacs+
aaa accounting commands 1 default stop-only group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
tacacs-server host 10.100.50.99
tacacs-server key CI$co123
Which command will resolve this problem when WAN connectivity is down?
A. aaa authentication login default group tacacs+ local
B. aaa authentication login default group tacacs+ enable
C. aaa authentication login default group tacacs+ console
D. aaa authentication login console group tacacs+ enable
Answer: A
Explanation:
With the “aaa authentication login default group tacacs+ local ” command configured, when
logging in, the password supplied will be attempted to be verified by the TACACS+ server
before access is granted. If the server is unavailable/unreachable, then the switch will fall back
to using the local authenticationdatabase.
 81 / 112
72. Refer to the exhibit.
The neighbor relationship is not coming up.
Which two configurations bring the adjacency up? (Choose two)
A. NY router ospf 1
area 0 authentication message-digest
B. LA
interface E 0/0
ip ospf message-digest-key 1 md5 Cisco123
C. NY interface E 0/0
no ip ospf message-digest-key 1 md5 Cisco123 ip ospf authentication-key Cisco123
D. LA
interface E 0/0
ip ospf authentication-key Cisco123
E. LA
router ospf 1
area 0 authentication message-digest
Answer: BE
Explanation:
The configuration on NY router is good for OSPF authentication. So we must enable OSPF
authentication on LA router with the following commands:
router ospf 1
area 0 authentication message-digest
 82 / 112
interface E0/0
ip ospf message-digest-key 1 md5 Cisco123
73. Refer to the exhibit.
Packets arriving from source 209.165.200.215 must be sent with the precedence bit set to 1,
and packets arriving from source 209.165.200.216 must be sent with the precedence bit set to
5.
Which action resolves the issue?
A. set ip precedence critical in route-map Texas permit 10
B. set ip precedence critical in route-map Texas permit 20
C. set ip precedence immediate in route-map Texas permit 10
D. set ip precedence priority in route-map Texas permit 20
Answer: B
74. Which IGPs are supported by the MPLS LDP autoconfiguration feature?
 83 / 112
A. RIPv2 and OSPF
B. OSPF and EIGRP
C. OSPF and ISIS
D. ISIS and RIPv2
Answer: C
Explanation:
75. What are the two goals of micro BFD sessions? (Choose two.)
A. The high bandwidth member link of a link aggregation group must run BFD
B. Run the BFD session with 3x3 ms hello timer
C. Continuity for each member link of a link aggregation group must be verified
D. Eny member link on a link aggregation group must run BFD
E. Each member link of a link aggregation group must run BFD.
Answer: CE
Explanation:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bfd/configuration/xe-16-8/irb-
xe-16-8-book/irb-micro-bfd.html
76. How does LDP operate in an MPLS network?
A. When topology changes occur such as a router failure, LDP generates peer discovery
messages that terminate the LDP season to propagate an LSP change.
B. When an adjacent LSR receives LDP discovery messages. TCP two-way handshake
ensures that the LDP session has unidirectional connectivity.
C. Peer routers establish the LDP session, and the LDP neighbors maintain and terminate the
session by exchanging messages
D. LDP notification messages allow LERs to exchange label information to determine the next
hops within a particular LSP.
Answer: D
77. Refer to the exhibit.
 84 / 112
An engineer must configure OSPF with R9 and R10 and configure redistribution between OSPF
and RIP causing a routing loop.
Which configuration on R9 and R10 meets this objective?
A)
 85 / 112
B)
C)
D)
 86 / 112
A. Option
B. Option
C. Option
D. Option
Answer: A
78. Refer to the exhibit.
 87 / 112
An enterprise operations team must monitor all application server traffic in the data center. The
team finds that traffic coming from the hub site from R3 and R6 rs monitored successfully but
traffic destined to the application server is not monitored.
Which action resolves the issue?
A)
B)
 88 / 112
C)
D)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
79. DRAG DROP
Drag and drop the SNMP attributes in Cisco IOS devices from the left onto the correct
SNMPv2c or SNMPV3 categories on the right.
 89 / 112
Answer:
 90 / 112
80. Refer to the exhibit.
After an engineer configured a new Cisco rouler as a DHCP server, users reponed two primary
issues:
? Devices in the HR subnet have intermittent connectivity problems.
? Workstations in the LEGAL subnet cannot obtain IP addresses.
Which configurations must the engineer apply to ROUTER_1 to restore connectivity for the
affected devices?
 91 / 112
 92 / 112
 93 / 112
 94 / 112
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
81. Which function does LDP provide in an MPLS topology?
A. It enables a MPLS topology to connect multiple VPNs to P routers.
B. It provides hop-by-hop forwarding in an MPLS topology for LSRs.
C. It exchanges routes for MPLS VPNs across different VRFs.
D. It provides a means for LSRs to exchange IP routes.
Answer: B
Explanation:
LDP provides a standard methodology for hop-by-hop, or dynamic label, distribution in an MPLS
network by assigning labels to routes that have been chosen by the underlying Interior Gateway
Protocol (IGP) routing protocols. The resulting labeled paths, called label switch paths (LSPs),
forward label traffic across an MPLS backbone to particular destinations.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_ldp/configuration/12-4t/mp-
ldp-
12-4t-book.pdf
82. Refer to the exhibit.
 95 / 112
After applying IPsec, the engineer observed that the DMVPN tunnel went down, and both spoke-
to-spoke and hub were not establishing.
Which two actions resolve the issue? (Choose two.)
A. Configure the crypto isakmp key cisco address 192.1.1.1 on R2 and R3
B. Configure the crypto isakmp key cisco address 0.0.0.0 on R2 and R3.
C. Change the mode from mode tunnel to mode transport on R3
D. Change the mode from mode transport to mode tunnel on R2.
E. Remove the crypto isakmp key cisco address 10.1.1.1 on R2 and R3
Answer: AD
Explanation:
*When using DMVPN with IPSec, it is unnecessary to use tunnel mode. Because DMVPN uses
GRE which means that a new IP header is already added by GRE. The GRE encapsulation
happens on the tunnel interface before the encryption process takes place.
83. Which command is used to check IP SLA when an interface is suspected to receive lots of
traffic with options?
A. show track
B. show threshold
C. show timer
D. show delay
 96 / 112
Answer: A
84. What is an advantage of implementing BFD?
A. BFD provides faster updates for any flapping route.
B. BFD provides millisecond failure detection
C. BFD is deployed without the need to run any routing protocol
D. BFD provides better capabilities to maintain the routing table
Answer: B
85. A network is configured with IP connectivity, and the routing protocol between devices
started having problems right after the maintenance window to implement network changes.
Troubleshoot and resolve to a fully functional network to ensure that:
 97 / 112
 98 / 112
 99 / 112
 100 / 112
R4
 101 / 112
 102 / 112
 103 / 112
R5
 104 / 112
 105 / 112
 106 / 112
 107 / 112
Answer:
R4
Int range et0/0 C 1
Ip ospf authentication message-digest
Ip ospf message-digest-key 1 md5 CCNP
Router ospf 1
 108 / 112
Redistribute connected subnets route-map to-ospf metric-type 1
Copy run start
R5
Int range et0/0 C 1
Ip ospf authentication message-digest
Ip ospf message-digest-key 1 md5 CCNP
Interface eth 0/1
Ip ospf cost 10
Copy run start
VERIFICATION: -
86. An engineer configures PBR on R5 and wants to create a policy that matches traffic
destined toward 10.10.10.0/24 and forward 10.1.1.1. The traffic must also have its IP
precedence set to 5. All other traffic should be forward toward 10.1.1.2 and have its IP
precedence set to 0.
Which configuration meets the requirements?A. access-list 1 permit 10.10.10.0 0.0.0.255
access-list 2 permit any
route-map CCNP permit 10
match ip address 1
set ip next-hop 10.1.1.1
set ip precedence 5
!
route-map CCNP permit 20
match ip address 2
set ip next-hop 10.1.1.2
 109 / 112
set ip precedence 0route-map CCNP permit 30
B. access-list 100 permit ip any 10.10.10.0 0.0.0.255
route-map CCNP permit 10
match ip address 100
set ip next-hop 10.1.1.1
set ip precedence 0
!
route-map CCNP permit 20
set ip next-hop 10.1.1.2
set ip precedence 5
!
route-map CCNP permit 30
C. access-list 1 permit 10.10.10.0 0.0.0.255
route-map CCNP permit 10
match ip address 1
set ip next-hop 10.1.1.1
set ip precedence 5
!
route-map CCNP permit 20
set ip next-hop 10.1.1.2
set ip precedence 0
D. access-list 100 permit ip any 10.10.10.0 0.0.0.255
route-map CCNP permit 10
match ip address 100
set ip next-hop 10.1.1.1
set ip precedence 5
!
route-map CCNP permit 20
set ip next-hop 10.1.1.2
set ip precedence 0
Answer: D
87. How is the LDP router ID used in an MPLS network?
A. The MPLS LOP router ID must match the IGP router ID.
B. If not configured, the operational physical interface is chosen as the router ID oven d a
loopback is configured.
 110 / 112
C. The loopback with the highest IP address is selected as the router ID
D. The force keyword changes the router ID to the speeded address without causing any
impact.
Answer: D
88. Which attribute eliminates LFAs that belong to protected paths in situations where links in a
network are connected through a common fiber?
A. shared risk link group-disjoint
B. linecard-disjoint
C. lowest-repair-path-metric
D. interface-disjoint
Answer: A
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/ios-
xml/ios/iproute_eigrp/configuration/xe-3s/asr1000/ire-xe-3s-asr1000/ire-ipfrr.html
89. Refer to the exhibit.
The control plane is heavily impacted after the CoPP configuration is applied to the router.
 111 / 112
Which command removal lessens the impact on the control plane?
A. access-list 120 permit udp any any eq pim-auto-rp
B. access-list 120 permit eigrp any host 224.0.0.10
C. access-list 120 permit ospf any
D. access-list 120 permit tcp any gt 1024 eq bgp log
Answer: A
 
More Hot Exams are available.
350-401 ENCOR Exam Dumps
350-801 CLCOR Exam Dumps
200-301 CCNA Exam Dumps
Powered by TCPDF (www.tcpdf.org)
 112 / 112
https://www.certqueen.com/promotion.asp
https://www.certqueen.com/350-401.html
https://www.certqueen.com/350-801.html
https://www.certqueen.com/200-301.html
http://www.tcpdf.org